You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So, composer status incorrectly does a false positive when you define a source.type: git package in your repositories config.
Browsing through the code it seems that when preparing to compare versions, the given source.reference is assumed to be directly comparable to a commit ID:
I would propose that there's justification to add a provision for git version checks, that tags and their commit IDs should have additional comparisons, meaning something like if (source.reference != commit) ... else if (source.reference != "git describe --exact-match commit") ... else ....
I have been able to reproduce on private projects, but this seemed like a simple enough test case to show the observed problem.
In this example, btw, git correctly reports the matching ref:
Checking composer.json: WARNING
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
Checking platform settings: OK
Checking git settings: OK git version 2.38.1
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com oauth access: OK
Checking disk free space: OK
Composer version: 2.5.999-dev+source
PHP version: 8.1.11
PHP binary path: /opt/homebrew/Cellar/php/8.1.11/bin/php
OpenSSL version: OpenSSL 1.1.1q 5 Jul 2022
cURL version: 7.85.0 libz 1.2.11 ssl (SecureTransport) OpenSSL/1.1.1q
zip: extension present, unzip present, 7-Zip not available
So,
composer status
incorrectly does a false positive when you define asource.type: git
package in yourrepositories
config.Browsing through the code it seems that when preparing to compare versions, the given
source.reference
is assumed to be directly comparable to a commit ID:https://github.com/composer/composer/blob/main/src/Composer/Command/StatusCommand.php#L113-L141
I would propose that there's justification to add a provision for git version checks, that tags and their commit IDs should have additional comparisons, meaning something like
if (source.reference != commit) ... else if (source.reference != "git describe --exact-match commit") ... else ...
.I have been able to reproduce on private projects, but this seemed like a simple enough test case to show the observed problem.
In this example, btw, git correctly reports the matching ref:
My
composer.json
:Output of
composer diagnose
:When I run this command:
I get the following output:
And I expected this to happen:
No version variation reported
Old related bug: #5555
The text was updated successfully, but these errors were encountered: